/*     */ package xin.petstore.framework.cas;
/*     */ 
/*     */ import com.eloancn.framework.cipher.DESUtils;
/*     */ import java.util.ArrayList;
/*     */ import java.util.List;
/*     */ import java.util.Map;
/*     */ import org.apache.shiro.authc.AuthenticationException;
/*     */ import org.apache.shiro.authc.AuthenticationInfo;
/*     */ import org.apache.shiro.authc.AuthenticationToken;
/*     */ import org.apache.shiro.authc.SimpleAuthenticationInfo;
/*     */ import org.apache.shiro.authz.AuthorizationInfo;
/*     */ import org.apache.shiro.authz.SimpleAuthorizationInfo;
/*     */ import org.apache.shiro.cas.CasAuthenticationException;
/*     */ import org.apache.shiro.cas.CasToken;
/*     */ import org.apache.shiro.realm.AuthorizingRealm;
/*     */ import org.apache.shiro.subject.PrincipalCollection;
/*     */ import org.jasig.cas.client.authentication.AttributePrincipal;
/*     */ import org.jasig.cas.client.validation.Assertion;
/*     */ import org.jasig.cas.client.validation.TicketValidationException;
/*     */ import org.jasig.cas.client.validation.TicketValidator;
/*     */ import org.slf4j.Logger;
/*     */ import org.slf4j.LoggerFactory;
/*     */ 
/*     */ public class CasRealm extends AuthorizingRealm
/*     */ {
/*     */   public static final String DEFAULT_REMEMBER_ME_ATTRIBUTE_NAME = "longTermAuthenticationRequestTokenUsed";
/*     */   public static final String DEFAULT_VALIDATION_PROTOCOL = "CAS";
/*  70 */   private static Logger log = LoggerFactory.getLogger(CasRealm.class);
/*     */   private String casServerUrlPrefix;
/*     */   private String casService;
/*  82 */   private String validationProtocol = "CAS";
/*     */ 
/*  85 */   private String rememberMeAttributeName = "longTermAuthenticationRequestTokenUsed";
/*     */   private TicketValidator ticketValidator;
/*     */   private String defaultRoles;
/*     */   private String defaultPermissions;
/*     */   private String roleAttributeNames;
/*     */   private String permissionAttributeNames;
/*     */ 
/*     */   public CasRealm()
/*     */   {
/* 103 */     setAuthenticationTokenClass(CasToken.class);
/*     */   }
/*     */ 
/*     */   protected void onInit()
/*     */   {
/* 108 */     super.onInit();
/*     */   }
/*     */ 
/*     */   public TicketValidator getTicketValidator()
/*     */   {
/* 113 */     return this.ticketValidator;
/*     */   }
/*     */ 
/*     */   public void setTicketValidator(TicketValidator ticketValidator) {
/* 117 */     this.ticketValidator = ticketValidator;
/*     */   }
/*     */ 
/*     */   protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
/*     */     throws AuthenticationException
/*     */   {
/* 128 */     CasToken casToken = (CasToken)token;
/* 129 */     if (token == null) {
/* 130 */       return null;
/*     */     }
/*     */ 
/* 133 */     String ticket = (String)casToken.getCredentials();
/* 134 */     if (!org.apache.shiro.util.StringUtils.hasText(ticket)) {
/* 135 */       return null;
/*     */     }
/*     */ 
/* 138 */     TicketValidator ticketValidator = getTicketValidator();
/*     */     try
/*     */     {
/* 145 */       Assertion casAssertion = ticketValidator.validate(ticket, getCasService());
/*     */ 
/* 147 */       AttributePrincipal casPrincipal = casAssertion.getPrincipal();
/* 148 */       String userId = casPrincipal.getName();
/* 149 */       log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[] { 
/* 150 */         ticket, getCasServerUrlPrefix(), userId });
/*     */ 
/* 152 */       UserInfo user = new UserInfo();
/* 153 */       user.setAssertion(casAssertion);
/* 154 */       Map attributes = casPrincipal.getAttributes();
/* 155 */       user.setUserName((String)attributes.get("realname"));
/* 156 */       user.setUserRealName((String)attributes.get("realname"));
/* 157 */       user.setEmail((String)attributes.get("email"));
/* 158 */       String mobile = (String)attributes.get("mobile");
/* 159 */       if (org.apache.commons.lang3.StringUtils.isNotEmpty(mobile))
/* 160 */         mobile = DESUtils.getDecryptString(mobile);
/* 161 */       user.setMobile(mobile);
/* 162 */       String idcard = (String)attributes.get("idcard");
/* 163 */       if (org.apache.commons.lang3.StringUtils.isNotEmpty(idcard)) {
/* 164 */         idcard = DESUtils.getDecryptString(idcard);
/*     */       }
/* 166 */       user.setIdCard(idcard);
/* 167 */       String _userId = (String)attributes.get("mapperuid");
/*     */ 
/* 170 */       user.setUserId(_userId);
/* 171 */       user.setStatus((String)attributes.get("status"));
/* 172 */       user.setPaypassword((String)attributes.get("paypassword"));
/* 173 */       user.setPhoto((String)attributes.get("photo"));
/* 174 */       user.setAccountNum((String)attributes.get("accountNum"));
/* 175 */       user.setUserType((String)attributes.get("userType"));
/* 176 */       user.setRoles((String)attributes.get("role"));
/*     */ 
/* 178 */       casToken.setUserId(userId);
/* 179 */       String rememberMeAttributeName = getRememberMeAttributeName();
/* 180 */       String rememberMeStringValue = (String)attributes.get(rememberMeAttributeName);
/* 181 */       boolean isRemembered = (rememberMeStringValue != null) && (Boolean.parseBoolean(rememberMeStringValue));
/* 182 */       if (isRemembered) {
/* 183 */         casToken.setRememberMe(true);
/*     */       }
/*     */ 
/* 188 */       return new SimpleAuthenticationInfo(user, ticket, getName()); } catch (TicketValidationException e) {
/*     */     }
/* 190 */     throw new CasAuthenticationException("Unable to validate ticket [" + ticket + "]", e);
/*     */   }
/*     */ 
/*     */   protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
/*     */   {
/* 206 */     UserInfo user = (UserInfo)principals.getPrimaryPrincipal();
/*     */ 
/* 208 */     SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
/*     */ 
/* 210 */     addRoles(simpleAuthorizationInfo, split(this.defaultRoles));
/*     */ 
/* 212 */     addPermissions(simpleAuthorizationInfo, split(this.defaultPermissions));
/*     */ 
/* 217 */     addRoles(simpleAuthorizationInfo, split(user.getRoles()));
/*     */ 
/* 223 */     addPermissions(simpleAuthorizationInfo, split(user.getPermissions()));
/*     */ 
/* 225 */     return simpleAuthorizationInfo;
/*     */   }
/*     */ 
/*     */   private List<String> split(String s)
/*     */   {
/* 235 */     List list = new ArrayList();
/* 236 */     String[] elements = org.apache.shiro.util.StringUtils.split(s, ',');
/* 237 */     if ((elements != null) && (elements.length > 0)) {
/* 238 */       for (String element : elements) {
/* 239 */         if (org.apache.shiro.util.StringUtils.hasText(element)) {
/* 240 */           list.add(element.trim());
/*     */         }
/*     */       }
/*     */     }
/* 244 */     return list;
/*     */   }
/*     */ 
/*     */   private void addRoles(SimpleAuthorizationInfo simpleAuthorizationInfo, List<String> roles)
/*     */   {
/* 254 */     for (String role : roles)
/* 255 */       simpleAuthorizationInfo.addRole(role);
/*     */   }
/*     */ 
/*     */   private void addPermissions(SimpleAuthorizationInfo simpleAuthorizationInfo, List<String> permissions)
/*     */   {
/* 266 */     for (String permission : permissions)
/* 267 */       simpleAuthorizationInfo.addStringPermission(permission);
/*     */   }
/*     */ 
/*     */   public String getCasServerUrlPrefix()
/*     */   {
/* 272 */     return this.casServerUrlPrefix;
/*     */   }
/*     */ 
/*     */   public void setCasServerUrlPrefix(String casServerUrlPrefix) {
/* 276 */     this.casServerUrlPrefix = casServerUrlPrefix;
/*     */   }
/*     */ 
/*     */   public String getCasService() {
/* 280 */     return this.casService;
/*     */   }
/*     */ 
/*     */   public void setCasService(String casService) {
/* 284 */     this.casService = casService;
/*     */   }
/*     */ 
/*     */   public String getValidationProtocol() {
/* 288 */     return this.validationProtocol;
/*     */   }
/*     */ 
/*     */   public void setValidationProtocol(String validationProtocol) {
/* 292 */     this.validationProtocol = validationProtocol;
/*     */   }
/*     */ 
/*     */   public String getRememberMeAttributeName() {
/* 296 */     return this.rememberMeAttributeName;
/*     */   }
/*     */ 
/*     */   public void setRememberMeAttributeName(String rememberMeAttributeName) {
/* 300 */     this.rememberMeAttributeName = rememberMeAttributeName;
/*     */   }
/*     */ 
/*     */   public String getDefaultRoles() {
/* 304 */     return this.defaultRoles;
/*     */   }
/*     */ 
/*     */   public void setDefaultRoles(String defaultRoles) {
/* 308 */     this.defaultRoles = defaultRoles;
/*     */   }
/*     */ 
/*     */   public String getDefaultPermissions() {
/* 312 */     return this.defaultPermissions;
/*     */   }
/*     */ 
/*     */   public void setDefaultPermissions(String defaultPermissions) {
/* 316 */     this.defaultPermissions = defaultPermissions;
/*     */   }
/*     */ 
/*     */   public String getRoleAttributeNames() {
/* 320 */     return this.roleAttributeNames;
/*     */   }
/*     */ 
/*     */   public void setRoleAttributeNames(String roleAttributeNames) {
/* 324 */     this.roleAttributeNames = roleAttributeNames;
/*     */   }
/*     */ 
/*     */   public String getPermissionAttributeNames() {
/* 328 */     return this.permissionAttributeNames;
/*     */   }
/*     */ 
/*     */   public void setPermissionAttributeNames(String permissionAttributeNames) {
/* 332 */     this.permissionAttributeNames = permissionAttributeNames;
/*     */   }
/*     */ }

/* Location:           C:\java代码反编译器\core-1.1.4.jar
 * Qualified Name:     com.eloancn.framework.cas.CasRealm
 * JD-Core Version:    0.6.0
 */